PERFORMING LIVE UPDATES TO FILE SYSTEM VOLUMES

Description

FIELD

[0001] The described embodiments set forth techniques for performing live updates to file system volumes of computing devices through the utilization of snapshots.

BACKGROUND

[0002] Existing approaches for performing operating system (OS) updates are task-intensive and highly prone to error. For example, a common approach for updating an OS of a mobile device involves the following steps: (1) receiving an OS update package at the mobile device, (2) unpacking the OS update package, (3) rebooting the mobile device into a specialized update mode and performing the update (in accordance with the OS update package) to produce an updated OS, and (4) rebooting the device / loading the updated OS. Unfortunately, step (3) is associated with a number of considerable drawbacks that have yet to be addressed. For example, when step (3) is carried out, the mobile device enters into an inoperable state for a considerable period of time where a user of the mobile device cannot utilize the important functionalities (e.g., connectivity) normally provided by the mobile device. Moreover, when step (3) is carried out, the specialized update mode places the mobile device in a vulnerable state that can potentially render the mobile device inoperable, e.g., when a power failure occurs, when the update fails, and the like. Accordingly, there exists a need for a more efficient and stable technique for updating operating systems on computing devices. US 2016/162278 A1 describes a method and system for applying an operating system update to a system of a computing device. The system receives an operating system update and captures a snapshot of a device system of a device being updated. The system applies the update to the snapshot. The system causes the device being updated to boot into the updated snapshot and monitors system processes as the device is booting. If the device has successfully booted into the updated snapshot of the device system, the updated snapshot of the device system is copied to the device system. If the device has not successfully booted into the updated snapshot, the system causes the device to boot into the existing device system, which the update has not been applied to.

[0003] Anonymous: "how to use snapshots", (https://wiki.netbsd.org/tutorials/ how_to_use_snapshots/) describes how to use filesystem snapshots in NetBSD.

[0004] Anonymous: "Mounting File Systems (System Administration Guide, Volume 3)", (available at http://docs.oracle.com/cd/E19455-01/806-0916/6ja8539fm/index.html) describes various methods for mounting file systems within the SunOS operating system.

SUMMARY

[0005] The described embodiments set forth techniques for performing live updates to file system volumes (e.g., operating system (OS) file system volumes) of computing devices through the utilization of snapshots. In particular, the techniques enable a computing device to remain active while a majority of an update process is performed, which eliminates the considerable functional downtime that is normally imposed when implementing conventional update techniques. Moreover, the overall robustness of the update process is enhanced as the techniques described herein reduce the amount of time that is required for the computing device to remain in the above-described specialized update mode.

[0006] The invention is set out in independent method claim 1, corresponding computer readable storage medium claim 7 and apparatus claim 8.

[0007] Other embodiments include at least one computer readable medium configured to store instructions that, when executed by at least one processor included in a computing device, cause the computing device to implement any of the techniques set forth herein. Further embodiments include a computing device that includes at least one memory and at least one processor that, in conjunction, enable the computing device to implement the various techniques set forth herein.

[0008] This Summary is provided merely for purposes of summarizing some example embodiments to provide a basic understanding of some aspects of the subject matter described herein. Accordingly, it will be appreciated that the above-described features are merely examples and should not be construed to narrow the subject matter described herein in any way. Other features, aspects, and advantages of the subject matter described herein will become apparent from the following Detailed Description, Figures, and Claims.

[0009] Other aspects and advantages of the embodiments described herein will become apparent from the following detailed description taken in conjunction with the accompanying drawings which illustrate, by way of example, the principles of the described embodiments.

BRIEF DESCRIPTION OF THE DRAWINGS

[0010] The included drawings are for illustrative purposes and serve only to provide examples of possible structures and arrangements for the disclosed inventive apparatuses and methods for their application to computing devices. These drawings in no way limit any changes in form and detail that can be made to the embodiments by one skilled in the art. The embodiments will be readily understood by the following detailed description in conjunction with the accompanying drawings, wherein like reference numerals designate like structural elements.

FIG. 1 illustrates a block diagram of different components of a computing device configured to implement the various techniques described herein, according to some embodiments.

FIGS. 2A-2H illustrate block diagrams of the computing device of FIG. 1 carrying out a live update of a file system volume 109, according to some embodiments.

FIG. 3 illustrates a method for carrying out a live update of a file system volume on the computing device of FIG. 1, according to some embodiments.

FIG. 4 illustrates a block diagram of a computing device that can represent the components of a computing device or any other suitable device or component for realizing any of the methods, systems, apparatus, and embodiments described herein.

DETAILED DESCRIPTION

[0011] Representative applications of apparatuses and methods according to the presently described embodiments are provided in this section. These examples are being provided solely to add context and aid in the understanding of the described embodiments. It will thus be apparent to one skilled in the art that the presently described embodiments can be practiced without some or all of these specific details. In other instances, well known process steps have not been described in detail in order to avoid unnecessarily obscuring the presently described embodiments. Other applications are possible, such that the following examples should not be taken as limiting.

[0012] The embodiments described herein set forth techniques for performing live updates to file system volumes of computing devices through the utilization of snapshots. According to some embodiments, a file system manager executing on a computing device can be configured to implement the various techniques described herein. In particular, the file system manager can be configured to mount different file system volumes-e.g., an operating system (OS) file system volume, a user file system volume, and the like-on the computing device. According to some embodiments, the file system manager can be configured to mount these file system volumes in different manners in order to implement the different techniques described herein, e.g., the file system volumes can be mounted in a read-only mode, a read / write mode, a hidden read / write mode, and the like.

[0013] According to some embodiments, the file system manager can be configured to service requests for generating snapshots of the file system volumes. According to some embodiments, a storage included in / accessible to the computing device can be configured to store different snapshots of different file system volumes of the computing device, where each snapshot includes data that represents a particular file system volume at a particular point in time. For example, a first snapshot can include a complete copy of the data of a file system volume at a first point in time, and a related / second snapshot can include only the data that represents the changes made to the file system volume between when the first snapshot was established and the second snapshot was established.

[0014] As described in greater detail herein, the file system manager can be configured to utilize snapshots of file system volumes-as well as different file system mount modes (e.g., read only mode, read / write mode, hidden read/write mode, etc.)-to perform live updates to the file system volumes in a secure, stable, and unobtrusive manner. A more detailed discussion of these techniques is set forth below and described in conjunction with FIGS. 1-4, which illustrate detailed diagrams of systems and methods that can be used to implement these techniques.

[0015] FIG. 1 illustrates a block diagram 100 of different components of a computing device 102 that is configured to implement the various techniques described herein, according to some embodiments. More specifically, FIG. 1 illustrates a high-level overview of the computing device 102, which, as shown, can include at least one processor 104, at least one memory 106, and at least one storage 118. According to some embodiments, the processor 104 can be configured to work in conjunction with the memory 106 and the storage 118 to enable the computing device 102 to operate in accordance with this disclosure. For example, the processor 104 can be configured to load / execute a file system manager 108 that is specifically configured to implement the various techniques described herein. According to some embodiments, and as described in greater detail herein, the file system manager 108 can be configured to mount different file system volumes 109 on the computing device 102, e.g., an operating system (OS) file system volume 109, a user file system volume 109, and the like.

[0016] According to some embodiments, an OS file system volume 109 can represent a core OS that is configured to operate on the computing device 102. For example, the OS file system volume 109 can enable a variety of processes to execute on the computing device 102, e.g., OS daemons, native OS applications, user applications, and the like. According to some embodiments, a user file system volume 109 can represent a file system hierarchy that stores user applications and user data that are accessible at the computing device 102 by way of the OS file system volume 109. As previously noted herein, the file system manager 108 can be configured to mount these volumes in different modes in order to implement the different techniques described herein, e.g., the file system volumes 109 can be mounted in a read-only mode, a read / write mode, a hidden read / write mode, and the like. According to some embodiments, the file system volumes 109 can be members of a same (or different) logical container and can be configured to utilize the same physical storage space within the storage 118. This beneficially provides enhanced flexibility as each file system volume 109 can consume space within the storage 118 on an as-needed basis. In addition, each file system volume 109 can be configured to enforce particular configurations (e.g., permissions, ownership, encryption schemes, etc.) that are independent from the configurations of other file system volumes 109 managed by the file system manager 108.

[0017] According to some embodiments, the storage 118 can represent a storage that is accessible to the computing device 102, e.g., a hard disk drive, a solid state drive, a mass storage device, a remote storage device, and the like. In some examples, the storage 118 can represent a storage that is accessible to the computing device 102 via a local area network (LAN), a personal area network (PAN), and the like. Although not illustrated in FIG. 1, it is noted that the storage 118 can be configured to store the data of different file system volumes 109 that the file system manager 108 is capable of mounting. For example, the storage 118 can include file system data structures for each file system volume 109, where the file system data structures are utilized by the file system manager 108 to manage the actual data of the file system volumes 109.

[0018] According to some embodiments, the storage 118 can be configured to store different snapshots 120 of different file system volumes 109 of the computing device 102, where each snapshot includes data that represents a particular file system volume 109 (and, in some cases, one or more other file system volumes 109) at a particular point in time. For example, a first snapshot 120 can include a complete copy of the data of a file system volume 109, and a related / second snapshot 120 can include only the data that represents changes that have been made to the file system volume 109 between the first snapshot 120 was established and when the second snapshot 120 was established.

[0019] According to some embodiments, the file system manager 108 can be configured to service requests for generating snapshots 120 of the file system volumes 109. In particular, the file system manager 108 can be configured to gather data of a file system volume 109, generate a snapshot 120 based on the data, and then provide the snapshot 120 to the storage 118 (or other storage device accessible to the computing device 102). For example, when a request for a first (i.e., an initial) snapshot 120 of a file system volume 109 is received, the file system manager 108 can respond by creating a first snapshot 120 of the file system volume 109. Because this is an initial snapshot 120, no existing / prior snapshots 120 are associated with the file system volume 109, and it is not necessary for the file system manager 108 to rely on analyzing a previous snapshot 120 (i.e., to identify changes) when gathering data to generate the first snapshot 120. Instead, the file system manager 108 gathers the data-e.g., all of the data, or a subset of the data, depending on a configuration-and generates the first snapshot 120 for the file system volume 109. According to some embodiments, the file system manager 108 can also establish associated data structures (e.g., extent delta trees) that enable the file system manager 108 to efficiently identify any changes made to the file system volume 109 subsequent to creating the first snapshot 120 (e.g., when an update package is processed), which can help increase efficiency when generating subsequent snapshots 120.

[0020] At a later time, the file system manager 108 can receive a subsequent request to generate a second snapshot 120 of the file system volume 109. In response, and in accordance with the above-described techniques, the file system manager 108 can (1) identify the first snapshot 120 associated with the file system volume 109, (2) identify the data structures associated with the first snapshot 120, and (3) generate a second snapshot 120 that captures the changes represented in the data structures associated with the first snapshot 120.

[0021] Accordingly, FIG. 1 sets forth an overview of different components / entities that can be included in the computing device 102 to enable the embodiments described herein to be properly implemented. As described in greater detail below, the file system manager 108 can utilize the file system volumes 109 / snapshots 120 to implement techniques for performing live updates to file system volumes 109 (e.g., an OS file system volume 109), thereby enhancing overall stability and performance.

[0022] FIGS. 2A-2H illustrate block diagrams of the computing device of FIG. 1 carrying out a live update of a file system volume 109, according to some embodiments. As shown in FIG. 2, at a first step 200, the file system manager 108 mounts two different file system volumes 109 on the computing device 102: an OS file system volume 110 in a read-only mode, and a user file system volume 112 in a read / write mode. According to some embodiments, mounting a file system volume can involve making the file system volume accessible for reading (when in a read-only mode) and writing (when in a read/write mode). For example, mounting a file system volume can involve identifying a storage device (e.g., the storage 118) accessible to the computing device 102, identifying at least one available mount point within the storage device, and updating a configuration of the computing device 102 to enable applications executing on the computing device 102 (e.g., a Basic Input/Output System (BIOS) of the computing device 102, an OS of the computing device 102, etc.) to access the contents of the file system volume. As shown in FIG. 2A, the read-only OS file system volume 110 can be mounted based on a first snapshot 120 available in the storage 118 (or other storage accessible to the computing device 102). According to some embodiments, the first snapshot 120 can be created prior to, in conjunction with, or subsequent to mounting the read-only OS file system volume 110. In this manner, the read-only OS file system volume 110 can be mounted based on the first snapshot 120 each time the computing device 102 powers-on.

[0023] Turning now to FIG. 2B, at step 210, the file system manager 108 mounts an OS file system volume 114 in a hidden read / write mode. According to some embodiments, mounting the OS file system volume 114 in a hidden read / write mode can involve establishing a file system volume mount that is accessible / visible only to particular entities operating at the computing device 102, e.g., daemons of an OS executing on the computing device 102. As shown in FIG. 2B, the hidden read / write OS file system volume 114 can be mounted based on the same first snapshot 120 on which the read-only OS file system volume 110 is based, such that the read-only OS file system volume 110 and the hidden read-write OS file system volume 114 reflect the same state of the OS. The hidden read / write OS file system volume 114 is hidden from view of other file system volumes 109 mounted at the computing device. In this manner, the OS files associated with the hidden read / write OS file system volume 114 cannot be improperly modified, e.g., by processes executing in association with the read-only OS file system volume 110 and/or the read-write user file system volume 112. However, as the hidden read / write OS file system volume 114 is readable / writable, OS files can be updated in accordance with an update package even while the read-only OS file system volume 110 and the read / write user file system volume 112 remain operable, which is described below in greater detail in conjunction with FIG. 2C.

[0024] Turning now to FIG. 2C, at step 220, the file system manager 108 receives and applies an OS update package 122 against the hidden read / write OS file system volume 114. According to some embodiments, the OS update package 122 can be downloaded (e.g., over an Internet connection), loaded directly onto the computing device 102 (e.g., over a local wireless / wired connection), and the like, where the OS update package 122 includes instructions / data for updating the OS files associated with the hidden read / write OS file system volume 114. Additionally, the file system manager 108 can be configured to unpack / verify the contents of the OS update package 122 prior to applying the OS update package 122 to ensure authenticity / stability.

[0025] Turning now to FIG. 2D, at step 230, the hidden read / write OS file system volume 114 is converted into a hidden read / write updated OS file system volume 116 that represents the hidden read / write OS file system volume 114 after the OS update package 122 is processed. Additionally, and as also shown in FIG. 2D, at step 230, the file system manager 108 generates a second snapshot 124 based on the hidden read / write updated OS file system volume 116, and stores the second snapshot 124 within the storage 118 (or other available storage). At this point in the live update process, the file system manager 108 can update a configuration such that the hidden read / write updated OS file system volume 116 becomes the primary file system volume 109 on the computing device 102.

[0026] Accordingly, and turning now to FIG. 2E, at step 240, the file system manager 108 eliminates / unmounts the read-only OS file system volume 110, and also eliminates / unmounts the hidden read / write updated OS file system volume 116. According to some embodiments, eliminating / unmounting a file system volume at the computing device 102 can involve updating a configuration of the computing device 102 such that the contents of the file system volume are no longer accessible. According to some embodiments, this can involve rebooting the computing device 102, performing a live configuration update at the computing device 102, and/or the like. For example, the OS update package 122 can indicate whether or not a hard restart of the computing device 102 is necessary for the update to be properly reflected at the computing device 102. In any case, step 240 involves eliminating / unmounting the old / outdated read-only OS file system volume 110, eliminating / unmounting the hidden read / write updated OS file system volume 116, and then re-mounting the updated OS file system volume 116 in a read-only mode (which is described below in greater detail in conjunction with FIG. 2F)

[0027] Accordingly, and turning now to FIG. 2F, at step 250, the file system manager 108 establishes a read-only mount of the updated OS file system volume 116, while maintaining / restoring (e.g., when the computing device 102 is rebooted) the read-write user file system volume 112. As shown in FIG. 2F, the read-only mount of the updated OS file system volume 116 is established based on the second snapshot 124 that is generated in conjunction with step 230 of FIG. 2D, described above in detail.

[0028] Turning now to FIG. 2G, step 260 is carried out, which involves the file system manager 108 eliminating / deleting the first snapshot 120, as the second snapshot 124 is intact and can enable the computing device 102 to effectively establish the read-only mount of the updated OS file system volume 116 (e.g., each time the computing device 102 is powered-on). According to some embodiments, when a prior snapshot is deleted (e.g., the first snapshot 120), the file system manager 108 can take measures to ensure that the deletion of the prior snapshot does not reduce the availability of any data that is needed by subsequent snapshots. In other words, subsequent snapshots will not be affected in any way by the deletion of a prior snapshot, as the subsequent snapshots will still contain all of the information necessary to enable their respective file system volumes to be mounted. Alternatively, the file system manager 108 can retain the snapshot 120, e.g., as a restoration option in situations where the updated OS file system volume 116 does not function properly, when a user of the computing device 102 desires to roll back to a previous configuration, and the like.

[0029] Turning to FIG. 2H, step 270 represents an illustration of a stable state of the computing device 102 after steps 200-260 are carried out by the file system manager 108. As shown in FIG. 2H, the snapshot 124 is intact and can be utilized each time the updated OS file system volume 116 is mounted in a read-only mode. Moreover, when the computing device 102 / file system manager 108 receives a subsequent OS update package 122, the file system manager 108 can be configured to mount the OS file system volume 109 in a hidden read / write mode. Subsequently, the file system manager 108 can carry out steps 220-260 described above in detail to process the subsequent OS update package 122. In this manner, the computing device 102 / file system manager 108 are capable of performing live updates to file system volumes 109 at the computing device 102 in a highly stable manner while substantially reducing the overall downtime that is required when carrying out conventional file system volume update processes.

[0030] FIG. 3 illustrates a method 300 for carrying out a live update of a file system volume 109 on the computing device of FIG. 1, according to some embodiments. As shown in FIG. 3, the method 300 begins at step 302, and involves the FS manager 108 establishing a first mount of a file system volume 109 in a read-only mode. The file system manager 108 can establish the first mount of the file system volume 109 in response to the a boot-up of the computing device 102, where the file system volume 109 represents a core OS configured to execute on the computing device 102. As shown in FIG. 3, the first mount is based on a first snapshot 120 of the file system volume 109. It is noted that the term "first" snapshot 120 is used merely to distinguish the first snapshot 120 from the second snapshot 120 described below at step 310, and that the terms "first" and "second" do not in any way represent temporal / sequential restrictions that must be enforced when implementing the techniques herein. For example, the first snapshot 120 / second snapshot 120 can represent different snapshots, in any order, among a plurality of snapshots that are available within the storage 118.

[0031] At step 304, the FS manager 108 obtains an update package 122 for the file system volume 109. The update package 122 can be received at the computing device 102 according to any known technique, e.g., an over-the-air (OTA) update, a download, a local file transfer, and the like. According to some embodiments, the update package 122 can be pushed to the computing device 102 (e.g., by way of a push notification), the update package 122 can be pulled to the computing device 102 (e.g., by way of querying / downloading), and so on.

[0032] At step 306, the FS manager 108 establishes a second / hidden mount of the file system volume 109 in a read-write mode. According to some embodiments, step 306 can involve establishing the second mount of the file system volume 109 in an area of memory that is accessible to the file system manager 108 but is not accessible to other file system volumes 109 mounted at the computing device 102. In this manner, it can be difficult for malicious parties to access the second / hidden mount of the file system volume 109, which could otherwise be problematic as the second / hidden mount is readable / writable and could potentially be modified in a harmful manner.

[0033] At step 308, the FS manager 108 applies the update package 122 to the file system volume 109 within the second / hidden mount to generate an updated file system volume 109. As previously noted herein, the update package 122 can include executables / data for modifying the content associated with the file system volume 109, e.g., a core OS of the computing device 102. At step 308 the file system manager 108 can also be configured to analyze the content of the updated file system volume 109 to ensure that the update package 122 was successfully / properly processed.

[0034] At step 310, the FS manager 108 generates a second snapshot 120 of the file system volume 109 based on the updated file system volume 109 generated at step 308. Although not illustrated in FIG. 3, step 310 can also optionally involve eliminating the first snapshot 120, e.g., to increase available storage space, to prevent users from rolling back previous / unsupported / unstable file system volumes 109, and the like. Finally, at step 312, the FS manager 108 establishes a third mount of the updated file system volume 109 in a read-only mode, where the third mount is based on the second snapshot 120. Accordingly, at the completion of step 312, the updated file system volume 109 is mounted at the computing device 102 in a stable manner.

[0035] FIG. 4 illustrates a detailed view of a computing device 400 that can be used to implement the various techniques described herein, according to some embodiments. In particular, the detailed view illustrates various components that can be included in the computing device 102 illustrated in FIG. 1. As shown in FIG. 4, the computing device 400 can include a processor 402 that represents a microprocessor or controller 413 for controlling the overall operation of computing device 400. The computing device 400 can also include a user input device 408 that allows a user of the computing device 400 to interact with the computing device 400. Still further, the computing device 400 can include a display 410 (screen display) that can be controlled by the processor 402 to display information to the user. A data bus 416 can facilitate data transfer between the storage device 440, the processor 402, and the controller 413. The controller 413 can be used to interface with and control different equipment through an equipment control bus 414. The computing device 400 can also include a network/bus interface 411 that couples to a data link 412. In the case of a wireless connection, the network/bus interface 411 can include a wireless transceiver.

[0036] The computing device 400 also include a storage device 440, which can comprise a single disk or multiple disks (e.g., hard drives), and includes a storage management module that manages one or more partitions within the storage device 440. In some embodiments, the storage device 440 can, alternatively or in addition, include flash memory, persistent memory, semiconductor (solid state) memory or the like. The computing device 400 can also include a Random Access Memory (RAM) 420 and a Read-Only Memory (ROM) 422. The ROM 422 can store programs, utilities or processes to be executed in a non-volatile manner. The RAM 420 can provide volatile data storage, and stores instructions related to the operation of the computing device 400.

[0037] The various aspects, embodiments, implementations or features of the described embodiments can be used separately or in any combination. Various aspects of the described embodiments can be implemented by software, hardware or a combination of hardware and software. The described embodiments can also be embodied as computer readable code on a computer readable medium. The computer readable medium is any data storage device that can store data which can thereafter be read by a computer system. Examples of the computer readable medium include read-only memory, random-access memory, CD-ROMs, DVDs, magnetic tape, hard disk drives, solid state drives, and optical data storage devices. The computer readable medium can also be distributed over network-coupled computer systems so that the computer readable code is stored and executed in a distributed fashion.

[0038] The foregoing description, for purposes of explanation, used specific nomenclature to provide a thorough understanding of the described embodiments. However, it will be apparent to one skilled in the art that the specific details are not required in order to practice the described embodiments. Thus, the foregoing descriptions of specific embodiments are presented for purposes of illustration and description. They are not intended to be exhaustive or to limit the described embodiments to the precise forms disclosed. It will be apparent to one of ordinary skill in the art that many modifications and variations are possible in view of the above teachings.

Claims

1. A method (300) for performing a live update of an operating system volume (109) on a computing device (102), the method comprising, at the computing device:

establishing (302) a first mount of the operating system volume in a read-only mode, wherein the first mount is based on a first snapshot (120) of the operating system volume, and the operating system volume enables an operating system to be executed on the computing device;

obtaining (304) an update package (122) for the operating system volume;

establishing (306) a second mount of a user volume in a read-write mode, wherein the user volume stores data associated with a user of the computing device;

establishing a third mount of the operating system volume in a read-write mode, wherein the third mount is a hidden mount such that operating system files associated with the third mount of the operating system volume cannot be improperly modified by processes executing in association with the first mount of the operating system volume and/or the second mount of the user volume;

applying (308) the update package to the operating system volume within the third mount to generate an updated operating system volume;

generating (310) a second snapshot of the operating system volume based on the updated operating system volume; and

establishing (312) a fourth mount of the updated operating system volume in a read-only mode, wherein the fourth mount is based on the second snapshot, wherein the computing device is rebooted in conjunction with establishing the fourth mount of the updated operating system volume and, when the computing device is rebooted, the first mount and the third mount are unmounted.

2. The method of claim 1, wherein the first mount of the operating system volume is established when the computing device is booting, and the operating system volume comprises components of an operating system (OS) configured to execute on the computing device.

3. The method of claim 1, wherein the user volume comprises user applications and user data.

4. The method of claim 1, further comprising, prior to generating the second snapshot of the operating system volume:
analyzing the updated operating system volume to confirm that the update package is properly applied to the operating system volume.

5. The method of claim 1, further comprising, subsequent to generating the second snapshot:
deleting the first snapshot.

6. The method of claim 1, further comprising, prior to establishing the first mount of the operating system volume in the read-only mode:
generating the first snapshot of the operating system volume.

7. At least one computer readable storage medium configured to store instructions that, when executed by at least one processor of a computing device, cause the computing device to implement the method recited in any of claims 1 to 6.

8. A computing device (102) configured to perform a live update of a operating system volume (109) on the computing device, the computing device comprising:

at least one memory (106);

at least one processor (104) communicatively coupled to the at least one memory, the at least one processor to cause the computing device to:

establish (302) a first mount of the operating system volume in a read-only mode, wherein the first mount is based on a first snapshot (120) of the operating system volume, and the operating system volume enables an operating system to be executed on the computing device;

obtain (304) an update package (122) for the operating system volume;

establish (306) a second mount of a user volume in a read-write mode, wherein the user volume stores data associated with a user of the computing device;

establish a third mount of the operating system volume in a read-write mode, wherein the third mount is a hidden mount such that operating system files associated with the third mount of the operating system volume cannot be improperly modified by processes executing in association with the first mount of the operating system volume and/or the second mount of the user volume;

apply (308) the update package to the operating system volume within the third mount to generate an updated operating system volume;

generate (310) a second snapshot of the operating system volume based on the updated operating system volume; and

establish (312) a fourth mount of the updated operating system volume in a read-only mode, wherein the fourth mount is based on the second snapshot, wherein the computing device is rebooted in conjunction with establishing the fourth mount of the updated operating system volume and, when the computing device is rebooted, the first mount and the third mount are unmounted.

9. The computing device of claim 8, wherein the first mount of the operating system volume is established when the computing device is booting, and the operating system volume comprises components of an operating system (OS) configured to execute on the computing device.

10. The computing device of claim 8, wherein the user volume comprises user applications and user data.

11. The computing device of claim 8, wherein the at least one processor, prior to establishment of the first mount of the operating system volume in the read-only mode, is to:
generate the first snapshot of the operating system volume.

12. The computing device of claim 8, wherein the third mount of the operating system volume is hidden and cannot be viewed through the first mount of the operating system volume.

13. The computing device of claim 8 wherein the at least one processor (104) further causes the computing device to, prior to generating the second snapshot of the operating system volume:
analyze the updated operating system volume to confirm that the update package is properly applied to the operating system volume.

Ansprüche

1. Verfahren '(300) zum Durchführen einer Live-Aktualisierung eines Betriebssystemvolumens (109) auf einer Rechenvorrichtung (102), das Verfahren umfassend, an der Rechenvorrichtung:

Einrichten (302) eines ersten Mounts des Betriebssystemvolumens in einem Nur-Lese-Modus, wobei der erste Mount auf einem ersten Schnappschuss (120) des Betriebssystemvolumens basiert, und das Betriebssystemvolumen ermöglicht, dass ein Betriebssystem auf der Rechenvorrichtung ausgeführt wird;

Erhalten (304) eines Aktualisierungspakets (122) für das Betriebssystemvolumen;

Einrichten (306) eines zweiten Mounts eines Benutzervolumens in einem Lese-Schreib-Modus, wobei das Benutzervolumen Daten speichert, die mit einem Benutzer der Rechenvorrichtung verknüpft sind; Einrichten eines dritten Mounts des Betriebssystemvolumens in einem Lese-Schreib-Modus, wobei der dritte Mount ein verborgener Mount ist, sodass Betriebssystemdateien, die mit dem dritten Mount des Betriebssystemvolumens verknüpft sind, nicht unsachgemäß durch Prozesse modifiziert werden können, die in Verknüpfung mit dem ersten Mount des Betriebssystemvolumens und/oder dem zweiten Mount des Benutzervolumens ausgeführt werden;

Anwenden (308) des Aktualisierungspakets auf das Betriebssystemvolumen innerhalb des dritten Mounts, um ein aktualisiertes Betriebssystemvolumen zu erzeugen;

Erzeugen (310) eines zweiten Schnappschusses des Betriebssystemvolumens basierend auf dem aktualisierten Betriebssystemvolumen; und

Einrichten (312) eines vierten Mounts des aktualisierten Betriebssystemvolumens in einem Nur-Lese-Modus, wobei der vierte Mount auf dem zweiten Schnappschuss basiert, wobei die Rechenvorrichtung in Verbindung mit Einrichten des vierten Mounts des aktualisierten Betriebssystemvolumens neu gestartet wird, und, wenn die Rechenvorrichtung neu gestartet wird, der erste Mount und der dritte Mount nicht gemountet werden.

2. Verfahren nach Anspruch 1, wobei der erste Mount des Betriebssystemvolumens eingerichtet wird, wenn die Rechenvorrichtung bootet, und das Betriebssystemvolumen Komponenten eines Betriebssystems (OS) umfasst, das konfiguriert ist, um auf der Rechenvorrichtung ausgeführt zu werden.

3. Verfahren nach Anspruch 1, wobei das Benutzervolumen Benutzeranwendungen und Benutzerdaten umfasst.

4. Verfahren nach Anspruch 1, ferner umfassend, vor Erzeugen des zweiten Schnappschusses des Betriebssystemvolumens:
Analysieren des aktualisierten Betriebssystemvolumens, um zu bestätigen, dass das Aktualisierungspaket ordnungsgemäß auf das Betriebssystemvolumen angewendet wird.

5. Verfahren nach Anspruch 1, ferner umfassend, im Anschluss an Erzeugen des zweiten Schnappschusses:
Löschen des ersten Schnappschusses.

6. Verfahren nach Anspruch 1, ferner umfassend, vor Einrichten des ersten Mounts des Betriebssystemvolumens im Nur-Lese-Modus:
Erzeugen des ersten Schnappschusses des Betriebssystemvolumens.

7. Mindestens ein computerlesbares Speichermedium, das konfiguriert ist, um Anweisungen zu speichern, die, wenn sie von mindestens einem Prozessor einer Rechenvorrichtung ausgeführt werden, die Rechenvorrichtung veranlassen, das Verfahren nach einem der Ansprüche 1 bis 6 zu implementieren.

8. Rechenvorrichtung (102), die konfiguriert ist, um eine Live-Aktualisierung eines Betriebssystemvolumens (109) auf der Rechenvorrichtung durchzuführen, die Rechenvorrichtung umfassend: mindestens einen Speicher (106);
mindestens einen Prozessor (104), der kommunikativ mit dem mindestens einen Speicher gekoppelt ist, wobei der mindestens eine Prozessor die Rechenvorrichtung veranlassen soll zum:

Einrichten (302) eines ersten Mounts des Betriebssystemvolumens in einem Nur-Lese-Modus, wobei der erste Mount auf einem ersten Schnappschuss (120) des Betriebssystemvolumens basiert, und das Betriebssystemvolumen ermöglicht, dass ein Betriebssystem auf der Rechenvorrichtung ausgeführt wird;

Erhalten (304) eines Aktualisierungspakets (122) für das Betriebssystemvolumen;

Einrichten (306) eines zweiten Mounts eines Benutzervolumens in einem Lese-Schreib-Modus, wobei das Benutzervolumen Daten speichert, die mit einem Benutzer der Rechenvorrichtung verknüpft sind;

Einrichten eines dritten Mounts des Betriebssystemvolumens in einem Lese-Schreib-Modus, wobei der dritte Mount ein verborgener Mount ist, sodass Betriebssystemdateien, die mit dem dritten Mount des Betriebssystemvolumens verknüpft sind, nicht unsachgemäß durch Prozesse modifiziert werden können, die in Verknüpfung mit dem ersten Mount des Betriebssystemvolumens und/oder dem zweiten Mount des Benutzervolumens ausgeführt werden;

Anwenden (308) des Aktualisierungspakets auf das Betriebssystemvolumen innerhalb des dritten Mounts, um ein aktualisiertes Betriebssystemvolumen zu erzeugen;

Erzeugen (310) eines zweiten Schnappschusses des Betriebssystemvolumens basierend auf dem aktualisierten Betriebssystemvolumen; und

Einrichten (312) eines vierten Mounts des aktualisierten Betriebssystemvolumens in einem Nur-Lese-Modus, wobei der vierte Mount auf dem zweiten Schnappschuss basiert, wobei die Rechenvorrichtung in Verbindung mit Einrichten des vierten Mounts des aktualisierten Betriebssystemvolumens neu gestartet wird, und, wenn die Rechenvorrichtung neu gestartet wird, der erste Mount und der dritte Mount nicht gemountet werden.

9. Rechenvorrichtung nach Anspruch 8, wobei der erste Mount des Betriebssystemvolumens eingerichtet wird, wenn die Rechenvorrichtung bootet, und das Betriebssystemvolumen Komponenten eines Betriebssystems (OS) umfasst, das konfiguriert ist, um auf der Rechenvorrichtung ausgeführt zu werden.

10. Rechenvorrichtung nach Anspruch 8, wobei das Benutzervolumen Benutzeranwendungen und Benutzerdaten umfasst.

11. Rechenvorrichtung nach Anspruch 8, wobei der mindestens eine Prozessor vor Einrichten des ersten Mounts des Betriebssystemvolumens im Nur-Lese-Modus den ersten Schnappschuss des Betriebssystemvolumens erzeugen soll.

12. Rechenvorrichtung nach Anspruch 8, wobei der dritte Mount des Betriebssystemvolumens verborgen ist und nicht durch den ersten Mount des Betriebssystemvolumens eingesehen werden kann.

13. Rechenvorrichtung nach Anspruch 8, wobei der mindestens eine Prozessor (104) ferner die Rechenvorrichtung veranlasst, vor Erzeugen des zweiten Schnappschusses des Betriebssystemvolumens das aktualisierte Betriebssystemvolumen zu analysieren, um zu bestätigen, dass das Aktualisierungspaket ordnungsgemäß auf das Betriebssystemvolumen angewendet wird.

Revendications

1. Un procédé (300) pour opérer une mise à jour en direct d'un volume de système d'exploitation (109) sur un dispositif informatique (102), le procédé comprenant, sur le dispositif informatique :

l'établissement (302) d'une première monte du volume de système d'exploitation dans un mode en lecture seule, la première monte étant basée sur un premier instantané (120) du volume de système d'exploitation, et le volume de système d'exploitation permettant à un système d'exploitation de s'exécuter sur le dispositif informatique ;

l'obtention (304) d'un paquet de mise à jour (122) pour le volume de système d'exploitation ;

l'établissement (306) d'une seconde monte d'un volume utilisateur dans un mode en lecture seule, le volume utilisateur stockant des données associées à un utilisateur du dispositif informatique ;

l'établissement d'une troisième monte du volume de système d'exploitation en un mode en lecture seule, la troisième monte étant une monte cachée telle que les fichiers de système d'exploitation associés à la troisième monte du volume de système d'exploitation ne puissent pas être modifiés de façon inappropriée par des processus s'exécutant en association avec la première monte du volume de système d'exploitation et/ou la seconde monte du volume utilisateur ;

l'application (308) du paquet de mise à jour au volume de système d'exploitation au sein de la troisième monte pour générer un volume de système d'exploitation mis à jour ;

la génération (310) d'un second instantané du volume de système d'exploitation sur la base du volume de système d'exploitation mis à jour ; et

l'établissement (312) d'une quatrième monte du volume de système d'exploitation mis à jour dans un mode en lecture seule, la quatrième monte étant basée sur le second instantané, le dispositif informatique étant redémarré conjointement avec l'établissement de la quatrième monte du volume de système d'exploitation mis à jour et, lorsque le dispositif informatique est redémarré, la première monte et la troisième monte sont démontées.

2. Le procédé de la revendication 1, dans lequel la première monte du volume de système d'exploitation est établie lorsque le dispositif informatique est en cours de démarrage, et le volume de système d'exploitation comprend des composants d'un système d'exploitation (OS) configuré pour s'exécuter sur le dispositif informatique.

3. Le procédé de la revendication 1, dans lequel le volume utilisateur comprend des applications utilisateur et des données utilisateur.

4. Le procédé de la revendication 1, comprenant en outre, avant la génération du second instantané du volume de système d'exploitation :
l'analyse du volume de système d'exploitation mis à jour pour confirmer que le paquet de mise à jour est convenablement appliqué au volume de système d'exploitation.

5. Le procédé de la revendication 1, comprenant en outre, après avoir généré le second instantané :
l'effacement du premier instantané.

6. Le procédé de la revendication 1, comprenant en outre, avant l'établissement de la première monte du volume de système d'exploitation dans le mode en lecture seule :
la génération du premier instantané du volume de système d'exploitation.

7. Au moins un support de stockage lisible par calculateur configuré pour stocker des instructions qui, quant elles sont exécutées par au moins un processeur d'un dispositif informatique, font en sorte que le dispositif informatique implémente le procédé énoncé dans l'une des revendications 1 à 6.

8. Un dispositif informatique (102) configuré pour opérer une mise à jour en direct d'un volume de système d'exploitation (109) sur le dispositif informatique, le dispositif informatique comprenant :

au moins une mémoire (106) ;

au moins un processeur (104) couplé de manière communiquante à l'au moins une mémoire, l'au moins un processeur faisant en sorte que le dispositif informatique :

établisse (302) une première monte du volume de système d'exploitation dans un mode en lecture seule, la première monte étant basée sur un premier instantané (120) du volume de système d'exploitation, et le volume de système d'exploitation permettant à un système d'exploitation de s'exécuter sur le dispositif informatique ;

obtienne (304) un paquet de mise à jour (122) pour le volume de système d'exploitation ;

établisse (306) une seconde monte d'un volume utilisateur dans un mode en lecture seule, le volume utilisateur stockant des données associées à un utilisateur du dispositif informatique ;

établisse une troisième monte du volume de système d'exploitation en un mode en lecture seule, la troisième monte étant une monte cachée telle que les fichiers de système d'exploitation associés à la troisième monte du volume de système d'exploitation ne puissent pas être modifiés de façon inappropriée par des processus s'exécutant en association avec la première monte du volume de système d'exploitation et/ou la seconde monte du volume utilisateur ;

applique (308) le paquet de mise à jour au volume de système d'exploitation au sein de la troisième monte pour générer un volume de système d'exploitation mis à jour ;

génère (310) un second instantané du volume de système d'exploitation sur la base du volume de système d'exploitation mis à jour ; et

établisse (312) une quatrième monte du volume de système d'exploitation mis à jour dans un mode en lecture seule, la quatrième monte étant basée sur le second instantané, le dispositif informatique étant redémarré conjointement avec l'établissement de la quatrième monte du volume de système d'exploitation mis à jour et, lorsque le dispositif informatique est redémarré, la première monte et la troisième monte sont démontées.

9. Le dispositif informatique de la revendication 8, dans lequel la première monte du volume de système d'exploitation est établie lorsque le dispositif informatique est en cours de démarrage, et le volume de système d'exploitation comprend des composants d'un système d'exploitation (OS) configuré pour s'exécuter sur le dispositif informatique.

10. Le dispositif informatique de la revendication 8, dans lequel le volume utilisateur comprend des applications utilisateur et des données utilisateur.

11. Le dispositif informatique de la revendication 8, dans lequel l'au moins un processeur, avant l'établissement de la première monte du volume de système d'exploitation dans le mode en lecture seule, doit :
générer le premier instantané du volume de système d'exploitation.

12. Le dispositif informatique de la revendication 8, dans lequel la troisième monte du volume de système d'exploitation est cachée et ne peut pas être vue au travers de la première monte du volume de système d'exploitation.

13. Le dispositif informatique de la revendication 8, dans lequel l'au moins un processeur (104) fait en outre en sorte que le dispositif informatique, avant de générer le second instantané du volume de système d'exploitation :
analyse le volume de système d'exploitation mis à jour pour confirmer que le paquet de mise à jour est convenablement appliqué au volume de système d'exploitation.

Drawing